DETAILED ACTION



Continued Examination Under 37 CFR 1.114



1. A request for continued examination under 37 CFR 1.114, including the fee set forth in
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is
eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e)
has been timely paid, the finality of the previous office action has been withdrawn pursuant to 37
CFR 1.114. Applicant's Request for Continued Examination (RCE) submission filed on 16 April
2004 has been entered. In addition, the "After Final" amendment filed on 22 March 2004 has 
been entered as a preliminary amendment for the continued examination of this application. 

Remarks 

2. In response to communications filed on 22 March 2004, claims 25, 30, 34, 39, 43, and 48
are amended per applicant's request. Claims 25-51 are presently pending in the application. 



3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 



Claim Rejections - 35 USC § 103

4. Claims 25, 34, and 43 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Zizzi (U.S. patent No. 6,185,681) in view of McBride (U.S. patent No. 6,292,899 B1).

As to claim 25, Zizzi teaches a method for managing encryption within a database system,
wherein encryption is performed automatically and transparently to a user of the database system 
(see abstract), the method comprising: 

receiving a request at the database system to store data in the database system (see figure 
4, step 415); 

wherein the request is directed to storing data in a portion of the database system that has 
been designated as encrypted (see figure 4 step 430, where the decision is "Yes"); 

in response to receiving the request: 

automatically encrypting data within the database system using an 
encryption function to produce an encrypted data (see figure 4, step 460); and 

storing the encrypted data in the database system (see column 7, lines 15-21). 

Zizzi does not teach creating a digest of data, wherein the digest is used to detect 
tampering with the encrypted data, and wherein using the encryption function involves using an 
encryption key recovered from an obfuscated copy of the keyfile within volatile memory.

McBride teaches a data security system that uses a volatile key apparatus to manage 
access to a file (see abstract), in which he teaches creating a digest of data, wherein the digest is 
used to detect tampering with the encrypted data (see column 6, lines 11-24, where "digest" is
read on "checksum"), and wherein using the encryption function involves using an encryption
key recovered from an obfuscated copy of the keyfile within volatile memory (see column 6,
lines 41-45).

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Zizzi to include creating a digest of data, wherein 
the digest is used to detect tampering with the encrypted data, and wherein using the encryption 
function involves using an encryption key recovered from an obfuscated copy of the keyfile
within volatile memory. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Zizzi by the teachings of McBride because creating a 
digest of data, wherein the digest is used to detect tampering with the encrypted data would deter 
tampering with the file (see McBride, column 6, lines 11-24), and because wherein using the
encryption function involves using an encryption key recovered from an obfuscated copy of the
keyfile within volatile memory would prevent access to the information that is encrypted (see
McBride, abstract).

As to claim 34, Zizzi teaches a computer-readable storage medium storing instructions 
that when executed by a computer causes the computer to perform a method for managing 
encryption within a database system, wherein encryption is performed automatically and 
transparently to a user of the database system (see abstract, where "instructions" are read on 
"software module", and it is inherent that the software must be stored on some medium), the 
method comprising: 

receiving a request at the database system to store data in the database system (see figure 
4, step 415);

wherein the request is directed to storing data in a portion of the database system that has
been designated as encrypted (see figure 4, step 430, where the decision is "Yes"); 

in response to receiving the request: 

automatically encrypting data within the database system using an 
encryption function to produce an encrypted data (see figure 4, step 460); and 

storing the encrypted data in the database system (see column 7, lines 15-21). 

Zizzi does not teach creating a digest of data, wherein the digest is used to detect 
tampering with the encrypted data, and wherein using the encryption function involves using an 
encryption key recovered from an obfuscated copy of the keyfile within volatile memory. 

McBride teaches creating a digest of data, wherein the digest is used to detect tampering 
with the encrypted data (see column 6, lines 11-24, where "digest" is read on "checksum"), and
wherein using the encryption function involves using an encryption key recovered from an 
obfuscated copy of the keyfile within volatile memory (see column 6, lines 41-45). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Zizzi to include creating a digest of data, wherein 
the digest is used to detect tampering with the encrypted data, and wherein using the encryption 
function involves using an encryption key recovered from an obfuscated copy of the keyfile 
within volatile memory. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Zizzi by the teachings of McBride because creating a 
digest of data, wherein the digest is used to detect tampering with the encrypted data would deter 
tampering with the file (see McBride, column 6, lines 11-24), and because wherein using the
encryption function involves using an encryption key recovered from an obfuscated copy of the
keyfile within volatile memory would prevent access to the information that is encrypted (see
McBride, abstract).

As to claim 43, Zizzi teaches an apparatus that facilitates managing encryption within a
database system, wherein encryption is performed automatically and transparently to a user of 
the database system (see abstract), comprising: 

a receiving mechanism that is configured to receive a request at the database system to 
store data in the database system (see column 8, lines 32-41); 

wherein the request is directed to storing data in a portion of the database system that has 
been designated as encrypted (see figure 4, step 430, where the decision is "Yes"); 

an encrypting mechanism that is configured to automatically encrypt data within the 
database system using an encryption function to produce an encrypted data (see column 9, lines 
20-31); and

a storing mechanism that is configured to store the encrypted data in the database system 
(see column 7, lines 15-21). 

Zizzi does not teach a digest creating mechanism configured to create a digest of the data, 
wherein the digest is used to detect tampering with the encrypted data, and wherein using the 
encryption function involves using an encryption key recovered from an obfuscated copy of a 
keyfile within volatile memory. 

McBride teaches a digest creating mechanism configured to create a digest of the data, 
wherein the digest is used to detect tampering with the encrypted data (see column 6, lines 11-24,
where "digest" is read on "checksum"), and wherein using the encryption function involves
using an encryption key recovered from an obfuscated copy of a keyfile within volatile memory
(see column 6, lines 41-45). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Zizzi to include a digest creating mechanism 
configured to create a digest of the data, wherein the digest is used to detect tampering with the 
encrypted data, and wherein using the encryption function involves using an encryption key 
recovered from an obfuscated copy of a keyfile within volatile memory. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Zizzi by the teachings of McBride because a digest 
creating mechanism configured to create a digest of the data, wherein the digest is used to detect 
tampering with the encrypted data would deter the tampering with the file (see McBride, column
6, lines 11-24), and because wherein using the encryption function involves using an encryption
key recovered from an obfuscated copy of a keyfile within volatile memory would prevent
access to the information that is encrypted (see McBride, abstract).

5. Claims 26-28, 30-33, 35-37, 39-42, 44-46, and 48-51 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Zizzi (U.S. patent No. 6,185,681) in view of McBride (U.S. patent 
No. 6,292,899 B1) as applied to claims 25, 34, and 43 above, and further in view of Sutter (U.S.
patent No. 5,924,094). 



As to claims 26, 35, and 44, Zizzi as modified, teaches 
wherein the encryption function uses a key stored in a keyfile managed by a security
administrator (see Zizzi, column 9, lines 25-30); and 

wherein the encrypted data is stored using a storage function of the database system (see 
Zizzi, column 9, lines 32-37).

Zizzi as modified, still does not teach wherein the portion of the database system that has 
been designated as encrypted includes a column of the database system. 

Sutter teaches wherein the portion of the database system that has been designated as 
encrypted includes a column of the database system (see column 59, lines 10-16). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Zizzi as modified, to include wherein the portion 
of the database system that has been designated as encrypted includes a column of the database 
system. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Zizzi as modified, by the teachings of Sutter because 
wherein the portion of the database system that has been designated as encrypted includes a 
column of the database system would keep unauthorized users from deciphering the encrypted
column of the database system. 

As to claims 27, 36, and 45, Zizzi as modified, teaches further comprising:
receiving a request to retrieve data from the column of the database system (see Zizzi, 
column 9, lines 44-59); 

if the request to retrieve data is received from a database administrator, preventing the 
database administrator from decrypting the encrypted data; if the request to retrieve data is
received from the security administrator, preventing the security administrator from decrypting
the encrypted data; and if the request to retrieve data is from an authorized user of the database
system, allowing the authorized user to decrypt the encrypted data (see Zizzi, column 9, lines
40-43, where any user that does not have authorization to decrypt the data will not be authorized to
decrypt it). 

As to claims 28, 37, and 46, Zizzi as modified teaches data encryption standard (DES) 
and triple DES as a mode of encryption (see Zizzi, column 3, lines 29-37).

Zizzi as modified, still does not teach wherein the security administrator selects a mode 
of encryption for the column. 

Sutter teaches wherein the security administrator selects a mode of encryption for the 
column (see column 59, lines 11-14). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Zizzi as modified, to include wherein the security 
administrator selects a mode of encryption for the column. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Zizzi as modified, by the teachings of Sutter because 
wherein the security administrator selects a mode of encryption for the column would allow the 
security manager to select various methods of encryption strengths depending on the importance 
of the file.

As to claims 30, 39, and 48, Zizzi as modified, teaches wherein managing the keyfile
includes, but is not limited to: 

establishing a relationship between a key identifier and the key stored in the keyfile (see
Zizzi, column 6, lines 3-6);

storing the keyfile in one of, 

an encrypted file in the database system, and a location separate from the database
system (see Zizzi, column 6, lines 1-2);

Zizzi as modified, still does not teach creating the keyfile; establishing a plurality of keys
to be stored in the keyfile; and moving an obfuscated copy of the keyfile to a volatile memory
within a server associated with the database system. 

McBride teaches creating the keyfile; establishing a plurality of keys to be stored in the 
keyfile (see column 1, lines 6-10); and moving the obfuscated copy of the keyfile to the volatile
memory within a server associated with the database system (see column 6, line 46-62). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Zizzi as modified, to include creating the keyfile; 
establishing a plurality of keys to be stored in the keyfile; and moving an obfuscated copy of the
keyfile to a volatile memory within a server associated with the database system. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Zizzi as modified, by the teachings of McBride because 
creating the keyfile, and establishing a plurality of keys to be stored in the keyfile would 
safeguard the confidential data that is in the memory (see McBride, abstract); and because
moving an obfuscated copy of the keyfile to a volatile memory within a server associated with
the database system would allow the user to access the encrypted data after the device has been
tampered with and the memory has been erased (see McBride, abstract). 

As to claims 31, 40, and 49, Zizzi as modified, still does not teach wherein the key 
identifier associated with the column is stored as metadata associated with a table containing the 
column within the database system. 

Sutter teaches wherein the key identifier associated with the column is stored as metadata 
associated with a table containing the column within the database system (see column 59, line 29 
through 60, line 25). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Zizzi as modified, to include wherein the key 
identifier associated with the column is stored as metadata associated with a table containing the 
column within the database system. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Zizzi as modified, by the teachings of Sutter because 
wherein the key identifier associated with the column is stored as metadata associated with a
table containing the column within the database system would allow the same key to be used 
with the same key algorithm to encrypt multiple columns of the same table or multiple columns 
in different tables (see Sutter, column 60, lines 20-24). 



As to claims 32, 41, and 50 Zizzi as modified, teaches further comprising establishing 
encryption parameters for the column (see Sutter, column 60, lines 1-10), wherein encryption
parameters include encryption mode, key length, and integrity type (see Sutter, column 59, line
10-15, where different types of encryption are used to verify the integrity of the file) by: 

entering encryption parameters for the column manually (see Zizzi, column 7, line 64
through column 8, line 6); and 

recovering encryption parameters for the column from a profile table in the database 
system (see Zizzi, column 8, lines 59-67). 

As to claims 33, 42, and 51, Zizzi as modified, teaches wherein upon receiving a request 
from the security administrator specifying the column to be encrypted (see Sutter, column 60,
lines 1-26, where "administrator" is read on "designer"), if the column currently contains data, 
the method further comprises: 

decrypting the column using an old key if the column was previously encrypted (it is 
obvious to one skilled in the art that the column would have to be decrypted before the old key 
could be discarded); and 

encrypting the column using a new key (see Sutter, column 60, lines 1-19). 

6. Claims 29, 38, and 47 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Zizzi (U.S. patent No. 6,185,681 B1) in view of McBride (U.S. patent No. 6,292,899 B1) in
further view of Sutter (U.S. patent No. 5,924,094) as applied to claims 26-28, 30-33, 35-37,
39-42, 44-46, and 48-51 above, and further in view of Brogliatti et al. (U.S. patent No.
6,564,225 B1).

As for claims 29, 38, and 47, Zizzi as modified, still does not teach wherein the security
administrator, a database administrator, and a user administrator are distinct roles, and wherein a 
person selected for one of these roles is not allowed to be selected for another of these roles. 

Brogliatti et al. teaches wherein the security administrator, a database administrator, and 
a user administrator are distinct roles, and wherein a person selected for one of these roles is not 
allowed to be selected for another of these roles (see column 5, lines 10-24).

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Zizzi as modified, to include wherein the security 
administrator, a database administrator, and a user administrator are distinct roles, and wherein a 
person selected for one of these roles is not allowed to be selected for another of these roles. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Zizzi as modified, by the teachings of Brogliatti et al.
because wherein the security administrator, a database administrator, and a user administrator are 
distinct roles, and wherein a person selected for one of these roles is not allowed to be selected 
for another of these roles would protect important corporate assets (see Brogliatti et al., column
5, lines 10-14). 

Response to Arguments 
7. Applicant's arguments filed on 22 March 2004 with respect to rejected claims in view of 
the cited references have been fully considered but they are moot in view of the new ground of
rejection.

Conclusion



8. Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Jacob F. Betit whose telephone number is (703) 305-3735. The
examiner can normally be reached on Monday through Friday 9 am to 5 pm.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Dov Popovici can be reached on (703) 305-3830. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306.

Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published applications
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).



jfb 

6 May 2004 




SAM RIMELL 
PRIMARY EXAMINER 



